CVE-2017-5350: Unexpected SystemUI FC driven by arbitrary application

From: unlimitsec@gmail.com
To: bugtraq@securityfocus.com
Cc:
Subject: CVE-2017-5350: Unexpected SystemUI FC driven by arbitrary application
Date:


Description of the potential vulnerability:Lack of appropriate exception handling in some applications allows attackers to make a systemUI crash easily resulting in a possible DoS attack
Affected versions:  L(5.0/5.1), M(6.0), and N(7.0)
Disclosure status: Privately disclosed.
The patch prevents systemUI crashes by handling unexpected exceptions.

Fix:
http://security.samsungmobile.com/smrupdate.html#SMR-JAN-2017
SVE-2016-7122: Unexpected SystemUI FC driven by arbitrary application

Sincerely,

Ant-financial Light-Year Security Lab





Copyright © 1995-2018 LinuxRocket.net. All rights reserved.